github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-09-16 02:52:31 -04:00
Code Issues Projects Releases Packages Wiki Activity
overleaf/services/web/app
History
Jakob Ackermann 224edddad4 [web] set a default, strict CSP on ALL endpoints (#6271) 
* Remove use of CSP_PERCENTAGE

* Move header calculation earlier

* Set a default policy and add comments

* Apply the CSP header to all responses

* Enable CSP in dev environment

* [web] set a default, strict CSP on ALL endpoints

* [misc] enable CSP in dev-env

* Only build the default policy once

* Update docker-compose.yml

* [web] webpack: set default CSP header on webpack assets

This aligns the webpack dev-server with production in nocdn=true mode.

Co-authored-by: Alf Eaton <alf.eaton@overleaf.com>
GitOrigin-RevId: 088a6082ad21c5b3f229887ba0ab3eca8d0528cd
2022-03-18 09:03:01 +00:00
..
src [web] set a default, strict CSP on ALL endpoints (#6271) 2022-03-18 09:03:01 +00:00
templates Add missing space to example doc (#6704) 2022-02-16 11:37:16 +00:00
views Merge pull request #6911 from overleaf/ta-layout-dropdown-view-fix 2022-03-16 09:03:14 +00:00